PRODUCT OWNER IT & CYBER RISK MANAGEMENT

You will be part of the Global Cyber Risk, Control & Assurance team and take end-to-end ownership for all aspects of IT & Cyber Risk Management at Hilti. As a product owner, your role is to provide thought leadership to infrastructure teams, application teams, decision makers. This is a very versatile and important role in our Line of Defense 2, covering all risk aspects of IT, OT and IoT.

This full-time position is available as soon as possible.You identify and assess threats and translate them into relevant risk scenarios, providing transparency to risk owners and other stakeholders. You propose risk mitigation actions aligned with our cyber risk appetite and manage them in our GRC tool, for which you will assume ownership. You own and mature the cyber risk, control and process framework and bring it to the next level. You will be responsible for proactively conducting risk assessments of business areas, platforms, processes and third parties. You work closely together with your fellow cyber risk officers on risk and control activities. You liaise and collaborate with all of the 3 Lines of Defense.You train internal stakeholders in the best practices for IT & cyber risk management. You have the authority to raise risks toward respective risk owners and produce relevant metrics and periodical risk reports for different audiences. You have a positive, critical but solution-oriented mindset.

• Bachelor’s degree in computer science, software development, cybersecurity, risk management or related discipline, a Master’s Degree is an advantage for this position
• 5+ years’ experience practical hands-on working experience in IT & cyber risk management
• Proven subject matter expertise in multiple fields of qualitative and/or quantitative IT & cyber risk management, e.g. risk governance, risk identification, risk analysis, risk assessment, risk mitigation, risk reporting
• Knowledge of relevant frameworks (ISO, NIST, ISF SoGP) and best practices (Risk IT, IRAM2) as well as relevant regulatory frameworks (NIS2, CRA, GDPR, AI Act)
• One or more of the following: CISSP, CISM, CISA, CRISC or another relevant certification

You strongly believe that cybersecurity is a business enabler and that there is no digital transformation without taking care of the IT & cyber risks that come along. You understand the importance of communicating IT & cyber risks to relevant stakeholders in a language that they can relate to. You are interested in exploring new cyber threats and technological trends (e.g. AI, quantum,) and what risks they pose to organizations. You work in both classic IT and IoT as well as OT environments, where we expect great technological progress. You are able to adapt quickly to changing environments and risk landscapes and can create risk frameworks accordingly. You feel confident in communicating with senior management on risks and threats.At Hilti, we believe in a caring and performance-oriented culture. Our people are our greatest strength, and our Great Place to Work 2024 recognition celebrates our commitment to a culture that values care, performance, and innovation. We offer competitive rewards and comprehensive career development opportunities that ensure your success is our priority.

Click on the link to know more: Kuala Lumpur | Hilti Careers